package com.kh.pajx.sop.view.action;

import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.struts2.ServletActionContext;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

import com.kh.pajx.sop.base.ModelDrivenBaseAction;
import com.kh.pajx.sop.domain.SOPCurrentUser;
import com.kh.pajx.sop.util.common.FormatDate;
import com.kh.pajx.sop.util.security.encoder.DESSymmetricEncoderUtil;
import com.kh.pajx.sop.util.web.RequestUtils;
import com.opensymphony.xwork2.ActionContext;

/**
 * 用户登录、登出action控制器
 * @author:	azzcsimp
 * @Createdate:	2014年7月3日 上午11:07:02
 */
@Controller
@Scope("prototype")
public class SopLoginAction extends ModelDrivenBaseAction<SOPCurrentUser> {
	
	private static final long serialVersionUID = -5392989087433146310L;
	
	/** 验证码 */
	private String captcha;

	/** 用户登录  */
	public String login() {
		if (StringUtils.isEmpty(StringUtils.trim(model.getCaptcha()))) {
			ActionContext.getContext().put("errorMsg", "请输入验证码！");
			setCSRFToken();
			return "toLogin";
		}

		if (StringUtils.isEmpty(StringUtils.trim(model.getAccount()))) {
			ActionContext.getContext().put("errorMsg", "用户名不能为空！");
			setCSRFToken();
			return "toLogin";
		}
		if (StringUtils.isEmpty(StringUtils.trim(model.getPassword()))) {
			ActionContext.getContext().put("errorMsg", "密码不能为空！");
			setCSRFToken();
			return "toLogin";
		}
		
		try {
			DESSymmetricEncoderUtil des = new DESSymmetricEncoderUtil();
			String account = des.decrypt(model.getAccount(), getCSRFToken(), "SOP", "LOGIN");
			String password = des.decrypt(model.getPassword(), getCSRFToken(), "SOP", "LOGIN");
			if (!model.getCaptcha().equalsIgnoreCase(
					ActionContext.getContext().getSession().get("captcha").toString())) {
				ActionContext.getContext().put("errorMsg", "验证码输入有误！");
				model.setAccount(account);
				setCSRFToken();
				return "toLogin";
			}
			
			if (account.length() > 11) {
				ActionContext.getContext().put("errorMsg", "用户名输入过长！");
				model.setAccount(account);
				setCSRFToken();
				return "toLogin";
			}

			if (password.length() > 32) {
				setCSRFToken();
				ActionContext.getContext().put("errorMsg", "密码输入过长！");
				model.setAccount(account);
				setCSRFToken();
				return "toLogin";
			}
			
			
			SOPCurrentUser currentUser = sopLoginService.login(account, password);
			if(currentUser == null){
				ActionContext.getContext().put("errorMsg", "用户名或密码输入错误！");
				model.setAccount(account);
				setCSRFToken();
				return "toLogin";
			}
			
			if(currentUser.getInsideUser().getIsuStatusFlag()==0){
				ActionContext.getContext().put("errorMsg", "该账户已经被禁用！");
				model.setAccount(account);
				setCSRFToken();
				return "toLogin";
			}
			
			// TODO: 日志记录
			/*List<String> count=currentUser.getSclIdList();
			int sclcount=count.size();
			ActionContext.getContext().getSession().put("sclcount", sclcount);*/
			
			String content = currentUser.getUserName()+" 于  "+FormatDate.addHhmmssJoinFlag(FormatDate.dateTimeDetail())+" 登录系统运维平台(SOP)，"+"登录IP为  "+RequestUtils.getIpAddr(ServletActionContext.getRequest());
			System.out.println(content);
			
			ActionContext.getContext().getSession().put("currentUser", currentUser);
			return "toIndex";
		} catch (Exception e) {
			e.printStackTrace();
			if(StringUtils.isNotEmpty(model.getAccount())){
				model.setAccount("");
			}
			setCSRFToken();
			ActionContext.getContext().put("errorMsg", "登录失败！错误信息：" + e.getMessage());
		}
		return "toLogin";
	}

	public String logout() {
		//ActionContext.getContext().getSession().remove("currentUser");
		HttpSession  session =  ServletActionContext.getRequest().getSession();
		session.removeAttribute("currentUser");
		session.invalidate();
		return "logout";
	}
	
	/* 关闭该方法， 如若启用 在该页面添加验证码，防止爆破攻击
	public String loginDialog(){
		return "login_dialog";
	}*/

	public String getCaptcha() {
		return captcha;
	}

	public void setCaptcha(String captcha) {
		this.captcha = captcha;
	}

	/*public void validateLogin(){
		if(StringUtils.isEmpty(StringUtils.trim(model.getAccount()))){
			this.addFieldError("account", "登录名不能为空！");
		}
	}*/

}
